SlideShare feed for Slideshows by User: laxris / Thu, 22 Sep 2022 20:48:14 GMT

Machine Learning for (DF)IR with Velociraptor: From Setting Expectations to a Case Study
/slideshow/machine-learning-for-dfir-with-velociraptor-from-setting-expectations-to-a-case-study-253122898/253122898
Machine Learning for DFIR with Velociraptor: From Setting Expectations to a Case Study
By Christian Hammerschmidt, PhD - Head of Engineering/ML, APTA Technologies

Machine learning (ML) or artificial intelligence (AI) often comes with great promise and large marketing budgets for cybersecurity, especially in monitoring (such as EDR/XDR solutions). Post-breach, it often turns out that the actual performance falls short of its promises. In this talk, we’ll briefly look at ML for DFIR: What tasks can ML solve, generally speaking? What requirements do we have for a useful ML system in cybersecurity/DFIR contexts, such as reliability, robustness to attackers, and explainability? What makes ML difficult to apply in cybersecurity, e.g. when thinking about false alerts or attackers attempting to circumvent automated systems?

After discussing the basics, we look at ML for Velociraptor: How can we process forensic data collected with VQL using machine learning (with a typical Python/Jupyter/scikit-learn/PyTorch stack)? And how can we build artifacts that run ML directly on each endpoint, avoiding central data collection? The talk concludes with a case study, showing how we significantly reduced time to analyze EVTX files in incident response cases, saving thousands of USD in costs and reducing time to resolution.

Bio: Chris Hammerschmidt did his PhD research on machine learning methods for reverse engineering software systems. Now, he’s heading APTA Technologies, a start-up building machine learning tools to understand software behavior.

Affiliation: APTA Technologies, https://apta.tech

Machine Learning for (DF)IR with Velociraptor: From Setting Expectations to a Case Study from Chris Hammerschmidt
Generative Adversarial Networks (GANs) at the Data Science Meetup Luxembourg (papers we like session)
/slideshow/generative-adversarial-networks-gans-at-the-data-science-meetup-luxembourg-papers-we-like-session/100264154
Slides from my presentation about Generative Adversarial Networks (GANs) in the Papers we Like session at the Data Science Meetup Luxembourg. I give a short conceptual introduction to the problem and the setup of GANs, but ultimately spend more time on outlining applications and work extending the original paper. Presenters have 10-15 minutes to introduce the audience to a paper, outline the gist of it, and give the attendees a good takeaway message from the paper.

Sun, 03 Jun 2018 08:38:43 GMT
Generative Adversarial Networks (GANs) at the Data Science Meetup Luxembourg (papers we like session) from Chris Hammerschmidt